Public GitLab bug reports.

Team Bounty Title
GitLab - Missing/Breach of Internal Security Boundary - Access to Job Queue Results in Remote Code Execution
GitLab - Stored XSS on Files overview by abusing git submodule URL
GitLab - Unfiltered `class` attribute in markdown code
GitLab - CSV injection in gitlab.com via issues export feature.
GitLab - [Repository Import] Open Redirect via "continue[to]" parameter
GitLab - [Subgroups] Unprivileged User Can Disclose Private Group Names
GitLab - Open redirect
GitLab - Gitlab.com is vulnerable to reverse tabnabbing via AsciiDoc links. (#3)
GitLab - Gitlab.com is vulnerable to reverse tabnabbing. (#2)
GitLab - Gitlab.com is vulnerable to reverse tabnabbing.
GitLab - [Textile] XSS in project README files
GitLab - [reStructuredText] XSS in project README files
GitLab - [RDoc] XSS in project README files
GitLab - Users with guest access can post notes to private merge requests, issues, and snippets
GitLab - User with guest access can access private merge requests
GitLab - Every user can delete public deploy keys
GitLab - Users can download old project exports due to unclaimed namespace
GitLab - State filter in IssuableFinder allows attacker to delete all issues and merge requests
GitLab - CSRF Token Bypass in Account Deletion
GitLab - Read files on application server, leads to RCE
GitLab - Mailgun misconfiguration leads to email snooping and [email protected] on email.mg.gitlab.com
GitLab - Boards leak private label names and desciptions
GitLab - XSS On meta tags in profile page
GitLab - Ability to access all user authentication tokens, leads to RCE
GitLab - Insecure 2FA/authentication implementation creates a brute force vulnerability
GitLab - Persistent XSS on public wiki pages
GitLab - Private snippets in public / internal projects leaked though GitLab API
GitLab - Confidential issues leaked in public projects when attached to milestone
GitLab - Attacker can post notes on private MR, snippets, and issues
GitLab - Attacker can delete (and read) private project webhooks
GitLab - GFM renderer leaks external issue tracker URL of private project
GitLab - Labels created in private projects are leaked
GitLab - Privilege escalation to access all private groups and repositories
GitLab - Persistent XSS on public project page
GitLab - Bypassing password authentication of users that have 2FA enabled
GitLab - Attacker can extract list of private project's project members
GitLab - Markdown based stored XSS (IE only)